March 08, 2011 02:50 PM Eastern Time
Documents Reveal Credit Card Company Knew of ‘Electronic Pickpocketing’ Risk, According to Identity Stronghold
TAMPA, Fla.--(BUSINESS WIRE)--Documents recently uncovered at the U.S. Patent and Trademark Office show that at least one credit card company knew in advance that the contactless cards containing RFID chips they issued to millions of Americans are easily susceptible to electronic pickpocketing, despite the industry's repeated public claims to the contrary.
“Their conduct may be actionable, and if cardholders were to file suit, they could potentially have a viable cause of action.”
.Credit card companies have been embedding radio frequency identification chips in many new cards for several years. These RFID chips allow tech-savvy thieves with commercially available card readers to remotely skim card data which can be used to commit payment fraud, without ever laying a hand on the victim, a claim credit card companies publicly deny.
According to Identity Stronghold, in a 2006 patent application on Visa’s behalf (US Pat # 7,482,925), the director of Visa’s product development, warned that, “unfortunately, due to the wireless nature of the contactless portable electronic devices, it is entirely possible that a contactless reader may be used for surreptitious interrogation (e.g., data skimming) of the contactless portable electronic devices. In addition, it is conceivable that a contactless reader may be developed or modified to generate a much greater RF signal strength and sensitivity and thereby increase the standard range."
In a separate patent application (US Pat # 7,522,905), the director went on to describe contactless cards’ susceptibility to electronic pickpocketing as “a major concern for consumers and businesses alike,” calling it “easy for wireless interrogation to occur virtually at any time and place.”
The director added, "as contactless cards evolve, the classic skimming problem comes along with it. In fact, in a wireless environment the opportunity to skim magnetic stripe data is more prevalent. In a wireless environment, a potential skimmer need not physically possess the card to be skimmed nor have access to any of the physical equipment (e.g. POS terminal, communication lines, etc.) which is required for skimming in a wire based environment," as stated in another filing (US Pat # (7,740,168).
“Once the victim of the wireless interrogation discovers that they had sensitive information stolen, it is often too late to discover where the theft took place. Thus, the unauthorized interrogations may continue unabated,” he wrote.
The patent documents show Visa’s director of product development concluded that “what is needed is a shielding device that shields the contactless portable electronic devices from unauthorized interrogation that is simple to use and cost effective.”
Despite the director’s warning, credit card companies have neither warned their customers about the risks their cards pose nor countered the risks by issuing cards with shielding sleeves, which are simple to use, cost effective and commercially available through Identity Stronghold, a company that manufactures them.
“The problem is real. The risk is great, and the stakes are as high as your credit limit,”™ said Walt Augustinowicz, president of Identity Stronghold. “We keep demonstrating to news cameras how easy it is to electronically scan useable data from cardholders in public places, and credit card companies keep denying it’s possible to scan and use the data for payment fraud, as if putting cardholders at risk in the first place wasn’t disrespectful enough.”
A recent television news story by CBS affiliate, WREG in Memphis, that showed Augustinowicz demonstrating electronically scanning people on Beale Street there, generated millions of online views and solicited only denials of risk from the major credit card companies. WREG posted the companies’ responses on their Website.
“Given the patent documents that appear to show that some card companies were aware of the risks their products present to cardholders yet undertook efforts, to deny those risks, it is quite conceivable that these companies may be legally liable for knowingly endangering the public,” said Hunter Chamberlin, a civil litigation attorney in Tampa, Florida. “Their conduct may be actionable, and if cardholders were to file suit, they could potentially have a viable cause of action.”
The following video links connect to recent news stories about electronic pickpocketing:
Coloradans more likely to be victims of "electronic pickpocketing"
INSIDE EDITION INVESTIGATES ELECTRONIC PICKPOCKETING
The Risk Inside Your Credit Card
For Identity Stronghold
Michael Bilello, 813-732-0180
Sphere: Related Content